<?php
/**
 * Leek - Zend Framework Components
 *
 * @category   Leek
 * @package    Leek_Controller
 * @subpackage Plugin
 * @author     Chris Jones <leeked@gmail.com>
 * @link       http://code.google.com/p/leek-zf-components/
 * @license    http://www.opensource.org/licenses/bsd-license.php New BSD License
 * @version    $Id: Acl.php 80 2010-01-07 16:15:56Z leeked $
 */

/**
 * Adds any resources for the current controller and validates
 *
 * @category   Leek
 * @package    Leek_Controller
 * @subpackage Plugin
 * @author     Chris Jones <leeked@gmail.com>
 * @link       http://code.google.com/p/leek-zf-components/
 * @license    http://www.opensource.org/licenses/bsd-license.php New BSD License
 */
class Leek_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{
    /**
     * Called after Zend_Controller_Router exits.
     *
     * Called after Zend_Controller_Front exits from the router.
     *
     * @param  Zend_Controller_Request_Abstract $request
     * @return void
     */
    public function routeShutdown(Zend_Controller_Request_Abstract $request)
    {
        $acl = Leek_Acl::getInstance();
        $acl->addResourcesFromFile($request->getControllerName(), $request->getModuleName());

        $resource = $this->_getResourceFromRequest($request);
        if (!$acl->validate($resource)) {
            
            $redirector     = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
            $flashMessenger = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');

            if (Zend_Auth::getInstance()->hasIdentity()) {

                $options = $acl->getDenyRedirectOptions($resource);
                if (!empty($options['message'])) {
                    $flashMessenger->addMessage(array('message' => $options['message'], 'type' => $options['type']));
                }

                $redirector->gotoSimpleAndExit(
                    $options['action'],
                    $options['controller'],
                    $options['module']
                );

            } else {

                //$session = new Zend_Session_Namespace('AclRedirect');
                //$session->redirectTo = $this->getActionController()->getRequest()->getRequestUri();

                $options = $acl->getNoAuthRedirectOptions($resource);
                if (!empty($options['message'])) {
                    $flashMessenger->addMessage(array('message' => $options['message'], 'type' => $options['type']));
                }

                $redirector->gotoSimpleAndExit(
                    $options['action'],
                    $options['controller'],
                    $options['module']
                );

            }

        }
    }

    private function _getResourceFromRequest(Zend_Controller_Request_Abstract $request)
    {
        $resource  = 'module='      . $request->getModuleName();
        $resource .= '&controller=' . $request->getControllerName();
        $resource .= '&action='     . $request->getActionName();
        return $resource;
    }
}
